NetFilter connection tracking connection

From: David Armstrong
Date: Wed Aug 28 2002 - 15:58:27 EST


Is there any (simple) way, from userland, to tell the Linux kernel to
delete an active connection from the connection tracking list?

Example, say I have a NAT box running Linux, internal IP,
external I have a machine on the private network with an
active connection:

(cat /proc/net/ip_conntrack)

tcp 6 431998 ESTABLISHED src= dst=
sport=32879 dport=80 src= dst=217.XXX.YYY.ZZZ sport=80
dport=32879 [ASSURED] use=1

So I want to tell the kernel to forget about the above connection, such
that any further packets either upstream or downstream will simply get

Can this be achieved using existing utilities/kernel features?
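
Added example, not part of the original post: a small Python parser for the /proc/net/ip_conntrack entry layout quoted above. It separates the original-direction and reply-direction tuples so one tracked connection can be picked out of the table. The sample lines are constructed with documentation and private addresses, and all function names are hypothetical.

```python
# Constructed sample in the /proc/net/ip_conntrack layout quoted in the post.
# Addresses are private/documentation ranges, not values from the post.
SAMPLE = """\
tcp      6 431998 ESTABLISHED src=192.168.0.10 dst=198.51.100.7 sport=32879 dport=80 src=198.51.100.7 dst=203.0.113.1 sport=80 dport=32879 [ASSURED] use=1
udp      17 25 src=192.168.0.11 dst=198.51.100.53 sport=40000 dport=53 [UNREPLIED] src=198.51.100.53 dst=203.0.113.1 sport=53 dport=40000 use=1
"""

TUPLE_KEYS = ("src", "dst", "sport", "dport")

def parse_entry(line):
    """Split one entry into protocol, timeout, state, flags and both tuples."""
    tokens = line.split()
    entry = {"proto": tokens[0], "timeout": int(tokens[2]), "state": None,
             "flags": [], "orig": {}, "reply": {}, "extra": {}}
    for tok in tokens[3:]:
        if tok.startswith("[") and tok.endswith("]"):
            entry["flags"].append(tok[1:-1])      # e.g. ASSURED, UNREPLIED
        elif "=" not in tok:
            entry["state"] = tok                  # TCP only; UDP entries have none
        else:
            key, value = tok.split("=", 1)
            if key not in TUPLE_KEYS:
                entry["extra"][key] = value       # e.g. use=1
            elif key not in entry["orig"]:
                entry["orig"][key] = value        # first occurrence: original direction
            else:
                entry["reply"][key] = value       # second occurrence: reply direction
    return entry

def parse_table(text):
    """Parse every non-empty line of a conntrack table dump."""
    return [parse_entry(line) for line in text.splitlines() if line.strip()]

def is_source_nat(entry):
    """True when replies are addressed to something other than the original source."""
    return entry["reply"].get("dst") != entry["orig"].get("src")

def find(entries, **orig):
    """Return entries whose original-direction tuple matches every given field."""
    return [e for e in entries
            if all(e["orig"].get(k) == str(v) for k, v in orig.items())]

if __name__ == "__main__":
    for e in find(parse_table(SAMPLE), src="192.168.0.10", dport=80):
        print(e["proto"], e["state"], e["orig"], "->", e["reply"],
              "source NAT:", is_source_nat(e))
```
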


